Jul 20, 2004By Phil Becker
The goal of a global RFID supply chain is for companies to share data in order to reduce costs and improve sales. While that serves everyone’s best interests, companies are understandably concerned about protecting who has access to their data. Those concerns can be allayed if companies set up an RFID architecture with identity at its center. That would allow networked applications to be organized, managed and secured around the identities of those who use it and the policies of those whose data is being used.
|
|
Identity-management techniques were originally developed to secure and administer Web-enabled applications and databases. More recently, they have evolved to include auditing the use of data and applications to meet growing regulatory requirements. And now identity management is being expanded to allow IT and business processes to become aligned so that administration, management and security don’t create huge overhead and bottlenecks to networked business processes.
In many applications, RFID readers will have to be authenticated to the company’s local area network to ensure the reliability of reader-generated data. Companies will also need an automated way to set up new users and configure (a.k.a. “provision”) their access to RFID data and manage their identity on the network as user access privileges and other configuration options change (“identity life-cycle management”).
As companies start large-scale, cost-sensitive RFID deployments, they must consider how RFID networks will fit into this identity-based architecture. It doesn’t make sense to build a separate high-level infrastructure just for RFID, especially when the identity-based infrastructures already being developed can grow to handle RFID requirements. The administration of RFID-related authentication should be integrated with other system authentication and provide an automated way to set up users and modify their access privileges when necessary.
RFID is often looked at as a data-capture technology that is isolated from other IT systems. But RFID is really one of many new technologies—such as Web services, on-demand computing, adaptive computing and application integration—developed to create more flexible and manageable business processes that are automated and delivered over secure networks. To provide business value, all these technologies need to be pursued in an integrated way, not in isolation.
Designing well-integrated and well-managed RFID-driven business processes—and then building the IT infrastructure that makes it possible to realize the value of these processes and adapt them as a company evolves—can come only from viewing systems architecture as a whole. The goal is to know which people are doing what and then enable their rapid, often mobile, use of the resources needed to do their job while securing against unauthorized use. Integrated identity-based approaches are a prerequisite for success. History has taught us that companies should consider these issues before expensive administrative bottlenecks and security issues hobble a deployment.
Phil Becker is editor-in-chief of Digital ID World magazine, which covers all aspects of identity and its role in networked computing.